Adapt programs to the new NET API
diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
index 0fedbc7..b3cfb31 100644
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@@ -83,7 +83,8 @@
int main( int argc, char *argv[] )
{
- int ret, len, server_fd = -1;
+ int ret, len;
+ mbedtls_net_context server_fd;
uint32_t flags;
unsigned char buf[1024];
const char *pers = "dtls_client";
@@ -106,6 +107,7 @@
/*
* 0. Initialize the RNG and the session data
*/
+ mbedtls_net_init( &server_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_x509_crt_init( &cacert );
@@ -324,8 +326,7 @@
}
#endif
- if( server_fd != -1 )
- mbedtls_net_close( server_fd );
+ mbedtls_net_close( &server_fd );
mbedtls_x509_crt_free( &cacert );
mbedtls_ssl_free( &ssl );
diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c
index ef7ce94..e1da0f7 100644
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@@ -92,8 +92,7 @@
int main( void )
{
int ret, len;
- int listen_fd;
- int client_fd = -1;
+ mbedtls_net_context listen_fd, client_fd;
unsigned char buf[1024];
const char *pers = "dtls_server";
unsigned char client_ip[16] = { 0 };
@@ -111,6 +110,8 @@
mbedtls_ssl_cache_context cache;
#endif
+ mbedtls_net_init( &listen_fd );
+ mbedtls_net_init( &client_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_ssl_cookie_init( &cookie_ctx );
@@ -255,20 +256,17 @@
}
#endif
- if( client_fd != -1 )
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
mbedtls_ssl_session_reset( &ssl );
/*
* 3. Wait until a client connects
*/
- client_fd = -1;
-
printf( " . Waiting for a remote connection ..." );
fflush( stdout );
- if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
+ if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 )
{
printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
@@ -403,8 +401,8 @@
}
#endif
- if( client_fd != -1 )
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
+ mbedtls_net_close( &listen_fd );
mbedtls_x509_crt_free( &srvcert );
mbedtls_pk_free( &pkey );
diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c
index 2d1dcb9..95b0f92 100644
--- a/programs/ssl/mini_client.c
+++ b/programs/ssl/mini_client.c
@@ -32,6 +32,10 @@
* NET module, in order to avoid the overhead of getaddrinfo() which tends to
* dominate memory usage in small configurations. For the sake of simplicity,
* only a Unix version is implemented.
+ *
+ * Warning: we are breaking some of the abtractions from the NET layer here.
+ * This is not a good example for general use. This programs has the specific
+ * goal of minimizing use of the libc functions on full-blown OSes.
*/
#if defined(unix) || defined(__unix__) || defined(__unix)
#define UNIX
@@ -160,7 +164,7 @@
int main( void )
{
int ret = exit_ok;
- int server_fd = -1;
+ mbedtls_net_context server_fd;
struct sockaddr_in addr;
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt ca;
@@ -175,6 +179,7 @@
/*
* 0. Initialize and setup stuff
*/
+ mbedtls_net_init( &server_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -241,13 +246,13 @@
addr.sin_addr.s_addr = *((char *) &ret) == ret ? ADDR_LE : ADDR_BE;
ret = 0;
- if( ( server_fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 )
+ if( ( server_fd.fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 )
{
ret = socket_failed;
goto exit;
}
- if( connect( server_fd,
+ if( connect( server_fd.fd,
(const struct sockaddr *) &addr, sizeof( addr ) ) < 0 )
{
ret = connect_failed;
@@ -275,8 +280,7 @@
mbedtls_ssl_close_notify( &ssl );
exit:
- if( server_fd != -1 )
- mbedtls_net_close( server_fd );
+ mbedtls_net_close( &server_fd );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index c23c653..61ead50 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -78,7 +78,8 @@
int main( void )
{
- int ret, len, server_fd = -1;
+ int ret, len;
+ mbedtls_net_context server_fd;
uint32_t flags;
unsigned char buf[1024];
const char *pers = "ssl_client1";
@@ -96,6 +97,7 @@
/*
* 0. Initialize the RNG and the session data
*/
+ mbedtls_net_init( &server_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_x509_crt_init( &cacert );
@@ -288,8 +290,7 @@
}
#endif
- if( server_fd != -1 )
- mbedtls_net_close( server_fd );
+ mbedtls_net_close( &server_fd );
mbedtls_x509_crt_free( &cacert );
mbedtls_ssl_free( &ssl );
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index f8188d6..27bd8bf 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -386,7 +386,8 @@
int main( int argc, char *argv[] )
{
- int ret = 0, len, tail_len, server_fd, i, written, frags, retry_left;
+ int ret = 0, len, tail_len, i, written, frags, retry_left;
+ mbedtls_net_context server_fd;
unsigned char buf[MBEDTLS_SSL_MAX_CONTENT_LEN + 1];
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
unsigned char psk[MBEDTLS_PSK_MAX_LEN];
@@ -417,7 +418,7 @@
/*
* Make sure memory references are valid.
*/
- server_fd = 0;
+ mbedtls_net_init( &server_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
@@ -1038,9 +1039,9 @@
}
if( opt.nbio > 0 )
- ret = mbedtls_net_set_nonblock( server_fd );
+ ret = mbedtls_net_set_nonblock( &server_fd );
else
- ret = mbedtls_net_set_block( server_fd );
+ ret = mbedtls_net_set_block( &server_fd );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", -ret );
@@ -1502,7 +1503,7 @@
{
--opt.reconnect;
- mbedtls_net_close( server_fd );
+ mbedtls_net_close( &server_fd );
#if defined(MBEDTLS_TIMING_C)
if( opt.reco_delay > 0 )
@@ -1533,9 +1534,9 @@
}
if( opt.nbio > 0 )
- ret = mbedtls_net_set_nonblock( server_fd );
+ ret = mbedtls_net_set_nonblock( &server_fd );
else
- ret = mbedtls_net_set_block( server_fd );
+ ret = mbedtls_net_set_block( &server_fd );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n",
@@ -1571,8 +1572,7 @@
}
#endif
- if( server_fd )
- mbedtls_net_close( server_fd );
+ mbedtls_net_close( &server_fd );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_free( &clicert );
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 0984be1..9aab975 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -96,8 +96,7 @@
int main( void )
{
int ret, len, cnt = 0, pid;
- int listen_fd;
- int client_fd = -1;
+ mbedtls_net_context listen_fd, client_fd;
unsigned char buf[1024];
const char *pers = "ssl_fork_server";
@@ -108,6 +107,8 @@
mbedtls_x509_crt srvcert;
mbedtls_pk_context pkey;
+ mbedtls_net_init( &listen_fd );
+ mbedtls_net_init( &client_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_entropy_init( &entropy );
@@ -216,13 +217,13 @@
/*
* 3. Wait until a client connects
*/
- client_fd = -1;
- memset( &ssl, 0, sizeof( ssl ) );
+ mbedtls_net_init( &client_fd );
+ mbedtls_ssl_init( &ssl );
mbedtls_printf( " . Waiting for a remote connection ..." );
fflush( stdout );
- if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
+ if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
NULL, 0, NULL ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
@@ -258,11 +259,11 @@
goto exit;
}
- close( client_fd );
+ mbedtls_net_close( &client_fd );
continue;
}
- close( listen_fd );
+ mbedtls_net_close( &listen_fd );
/*
* 4. Setup stuff
@@ -384,9 +385,8 @@
}
exit:
-
- if( client_fd != -1 )
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
+ mbedtls_net_close( &listen_fd );
mbedtls_x509_crt_free( &srvcert );
mbedtls_pk_free( &pkey );
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index 9932594..4ea5d4c 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -66,8 +66,6 @@
#include <unistd.h>
#else
#include <io.h>
-#define read _read
-#define write _write
#endif
#if defined(_WIN32) || defined(_WIN32_WCE)
@@ -294,7 +292,7 @@
while( 1 );
}
-static int write_and_get_response( int sock_fd, unsigned char *buf, size_t len )
+static int write_and_get_response( mbedtls_net_context *sock_fd, unsigned char *buf, size_t len )
{
int ret;
unsigned char data[128];
@@ -302,7 +300,7 @@
size_t i, idx = 0;
mbedtls_printf("\n%s", buf);
- if( len && ( ret = write( sock_fd, buf, len ) ) <= 0 )
+ if( len && ( ret = mbedtls_net_send( sock_fd, buf, len ) ) <= 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
return -1;
@@ -312,7 +310,7 @@
{
len = sizeof( data ) - 1;
memset( data, 0, sizeof( data ) );
- ret = read( sock_fd, data, len );
+ ret = mbedtls_net_recv( sock_fd, data, len );
if( ret <= 0 )
{
@@ -346,7 +344,8 @@
int main( int argc, char *argv[] )
{
- int ret = 0, len, server_fd;
+ int ret = 0, len;
+ mbedtls_net_context server_fd;
unsigned char buf[1024];
#if defined(MBEDTLS_BASE64_C)
unsigned char base[1024];
@@ -369,7 +368,7 @@
/*
* Make sure memory references are valid in case we exit early.
*/
- server_fd = 0;
+ mbedtls_net_init( &server_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
memset( &buf, 0, sizeof( buf ) );
@@ -658,7 +657,7 @@
mbedtls_printf( " > Get header from server:" );
fflush( stdout );
- ret = write_and_get_response( server_fd, buf, 0 );
+ ret = write_and_get_response( &server_fd, buf, 0 );
if( ret < 200 || ret > 299 )
{
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
@@ -672,7 +671,7 @@
gethostname( hostname, 32 );
len = sprintf( (char *) buf, "EHLO %s\r\n", hostname );
- ret = write_and_get_response( server_fd, buf, len );
+ ret = write_and_get_response( &server_fd, buf, len );
if( ret < 200 || ret > 299 )
{
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
@@ -686,7 +685,7 @@
gethostname( hostname, 32 );
len = sprintf( (char *) buf, "STARTTLS\r\n" );
- ret = write_and_get_response( server_fd, buf, len );
+ ret = write_and_get_response( &server_fd, buf, len );
if( ret < 200 || ret > 299 )
{
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
@@ -820,8 +819,7 @@
exit:
- if( server_fd )
- mbedtls_net_close( server_fd );
+ mbedtls_net_close( &server_fd );
mbedtls_x509_crt_free( &clicert );
mbedtls_x509_crt_free( &cacert );
mbedtls_pk_free( &pkey );
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
index 7a4c2b2..4bd3671 100644
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@@ -106,7 +106,7 @@
}
typedef struct {
- int client_fd;
+ mbedtls_net_context client_fd;
int thread_complete;
const mbedtls_ssl_config *config;
} thread_info_t;
@@ -124,7 +124,7 @@
{
int ret, len;
thread_info_t *thread_info = (thread_info_t *) data;
- int client_fd = thread_info->client_fd;
+ mbedtls_net_context *client_fd = &thread_info->client_fd;
long int thread_id = (long int) pthread_self();
unsigned char buf[1024];
mbedtls_ssl_context ssl;
@@ -132,7 +132,7 @@
/* Make sure memory references are valid */
mbedtls_ssl_init( &ssl );
- mbedtls_printf( " [ #%ld ] Client FD %d\n", thread_id, client_fd );
+ mbedtls_printf( " [ #%ld ] Setting up SSL/TLS data\n", thread_id );
/*
* 4. Get the SSL context ready
@@ -144,7 +144,7 @@
goto thread_exit;
}
- mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
+ mbedtls_ssl_set_bio( &ssl, client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
/*
* 5. Handshake
@@ -273,7 +273,7 @@
return( NULL );
}
-static int thread_create( int client_fd )
+static int thread_create( mbedtls_net_context *client_fd )
{
int ret, i;
@@ -302,9 +302,10 @@
*/
memcpy( &threads[i].data, &base_info, sizeof(base_info) );
threads[i].active = 1;
- threads[i].data.client_fd = client_fd;
+ memcpy( &threads[i].data.client_fd, client_fd, sizeof( mbedtls_net_context ) );
- if( ( ret = pthread_create( &threads[i].thread, NULL, handle_ssl_connection, &threads[i].data ) ) != 0 )
+ if( ( ret = pthread_create( &threads[i].thread, NULL, handle_ssl_connection,
+ &threads[i].data ) ) != 0 )
{
return( ret );
}
@@ -315,8 +316,7 @@
int main( void )
{
int ret;
- int listen_fd;
- int client_fd = -1;
+ mbedtls_net_context listen_fd, client_fd;
const char pers[] = "ssl_pthread_server";
mbedtls_entropy_context entropy;
@@ -346,6 +346,8 @@
mbedtls_ssl_config_init( &conf );
mbedtls_ctr_drbg_init( &ctr_drbg );
memset( threads, 0, sizeof(threads) );
+ mbedtls_net_init( &listen_fd );
+ mbedtls_net_init( &client_fd );
mbedtls_mutex_init( &debug_mutex );
@@ -474,11 +476,9 @@
/*
* 3. Wait until a client connects
*/
- client_fd = -1;
-
mbedtls_printf( " [ main ] Waiting for a remote connection\n" );
- if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
+ if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
NULL, 0, NULL ) ) != 0 )
{
mbedtls_printf( " [ main ] failed: mbedtls_net_accept returned -0x%04x\n", ret );
@@ -488,10 +488,10 @@
mbedtls_printf( " [ main ] ok\n" );
mbedtls_printf( " [ main ] Creating a new thread\n" );
- if( ( ret = thread_create( client_fd ) ) != 0 )
+ if( ( ret = thread_create( &client_fd ) ) != 0 )
{
mbedtls_printf( " [ main ] failed: thread_create returned %d\n", ret );
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
goto reset;
}
@@ -508,6 +508,8 @@
mbedtls_entropy_free( &entropy );
mbedtls_ssl_config_free( &conf );
+ mbedtls_net_free( &listen_fd );
+
mbedtls_mutex_free( &debug_mutex );
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index c009733..786ae5c 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -91,8 +91,7 @@
int main( void )
{
int ret, len;
- int listen_fd;
- int client_fd = -1;
+ mbedtls_net_context listen_fd, client_fd;
unsigned char buf[1024];
const char *pers = "ssl_server";
@@ -106,6 +105,8 @@
mbedtls_ssl_cache_context cache;
#endif
+ mbedtls_net_init( &listen_fd );
+ mbedtls_net_init( &client_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
#if defined(MBEDTLS_SSL_CACHE_C)
@@ -236,20 +237,17 @@
}
#endif
- if( client_fd != -1 )
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
mbedtls_ssl_session_reset( &ssl );
/*
* 3. Wait until a client connects
*/
- client_fd = -1;
-
mbedtls_printf( " . Waiting for a remote connection ..." );
fflush( stdout );
- if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
+ if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
NULL, 0, NULL ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
@@ -375,8 +373,8 @@
}
#endif
- if( client_fd != -1 )
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
+ mbedtls_net_close( &listen_fd );
mbedtls_x509_crt_free( &srvcert );
mbedtls_pk_free( &pkey );
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index c66a4e9..3b2c802 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -746,7 +746,7 @@
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
-static int listen_fd, client_fd = -1;
+static mbedtls_net_context listen_fd, client_fd;
/* Interruption handler to ensure clean exit (for valgrind testing) */
#if !defined(_WIN32)
@@ -755,8 +755,8 @@
{
((void) sig);
received_sigterm = 1;
- mbedtls_net_close( listen_fd ); /* causes mbedtls_net_accept() to abort */
- mbedtls_net_close( client_fd ); /* causes net_read() to abort */
+ mbedtls_net_close( &listen_fd ); /* causes mbedtls_net_accept() to abort */
+ mbedtls_net_close( &client_fd ); /* causes net_read() to abort */
}
#endif
@@ -826,7 +826,8 @@
/*
* Make sure memory references are valid in case we exit early.
*/
- listen_fd = 0;
+ mbedtls_net_init( &client_fd );
+ mbedtls_net_init( &listen_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_ctr_drbg_init( &ctr_drbg );
@@ -1842,20 +1843,17 @@
}
#endif
- if( client_fd != -1 )
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
mbedtls_ssl_session_reset( &ssl );
/*
* 3. Wait until a client connects
*/
- client_fd = -1;
-
mbedtls_printf( " . Waiting for a remote connection ..." );
fflush( stdout );
- if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
+ if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 )
{
#if !defined(_WIN32)
@@ -1872,9 +1870,9 @@
}
if( opt.nbio > 0 )
- ret = mbedtls_net_set_nonblock( client_fd );
+ ret = mbedtls_net_set_nonblock( &client_fd );
else
- ret = mbedtls_net_set_block( client_fd );
+ ret = mbedtls_net_set_block( &client_fd );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", -ret );
@@ -2254,8 +2252,8 @@
mbedtls_printf( " . Cleaning up..." );
fflush( stdout );
- if( client_fd != -1 )
- mbedtls_net_close( client_fd );
+ mbedtls_net_close( &client_fd );
+ mbedtls_net_close( &listen_fd );
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
mbedtls_dhm_free( &dhm );
